On the critical Authentication Bypass vulnerability in Veeam Backup & Replication (CVE-2024-29849). Veeam B&R is client-server software for centralized backup of virtual machines in VMware vSphere and Microsoft Hyper-V environments.
The vulnerability was found in the Backup Enterprise Manager component – a web console for management and reporting. An unauthenticated attacker could log into the web console as any user. CVSS 9.8.
🔸 The vulnerability was fixed by the vendor on May 21.
🔸 Three weeks later, on June 10, a researcher with the nickname SinSinology posted a write-up (based on analysis of the patch) and a PoC for this vulnerability.
There are no signs of exploitation in the wild yet, but they will most likely appear in the near future. Backups are no less tempting a target than the virtual infrastructure itself.
Be sure to update!
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
And I invite all Russian speakers to one more Telegram channel, @avleonovrus, which is now the first place I post.